privacy-preserving p2p data sharing with oneswarm

Privacy-Preserving P2P Data Sharing with OneSwarm

Authors: Tomas Isdal, Michael Piatek, Arvind Krishnamurthy, Thomas Anderson

Published In: ACM SIGCOMM, September 2010

Presented By: Muhammad` Faisal Amjad

Acknowledgement

Sources of figures / graphs / tables:• The paper being presented• http://oneswarm.cs.washington.edu/• http://www.bittorrent.com/

Outline

• Introduction to P2P file sharing• The Issue of Privacy in P2P file sharing• Overview of OneSwarm file sharing System• OneSwarm Protocol Design• Security Analysis• Contributions• Weaknesses• Suggested Improvements

Introduction to P2P file sharing

Download from a single Source

Introduction to P2P file sharing

Multiple Computers download the same file from a single Source

Introduction to P2P file sharing

Every Computer becomes part of a network of sources of the same file

Torrent File

Introduction to P2P file sharing

From where to get different pieces of the file ?

Introduction to P2P file sharing

A “Tracker” gives info about various sources called “Peers”, for the file

Privacy ???

The Issue of Privacy in P2P file sharing

• Protocols like BitTorrent offer high performance and robustness but participants can easily be monitored by anyone who cares

• Anonymization networks e.g. Tor and FreeNet offer privacy but at the cost of performance

• Available P2P file sharing systems offer an un-attractive choice between privacy and performance

OneSwarm File Sharing System

Overview

• Central to the design is the notion of “flexible privacy” and “friend-to-friend sharing”.

• Instead of relying only on a directory service such as a “Tracker” to discover peers, OneSwarm builds trusted links through social network peers

• Users are free to control the tradeoff between performance and privacy by managing the level of trust in peers.

Overview of OneSwarm file sharing System - Search

Searching for a file through a chain of friends OR Peers

File is sent on the reverse path

Overview of OneSwarm file sharing System - Response

Receiver’s perspective of the source of file

Overview of OneSwarm file sharing System - Anonymity

Sender’s perspective of the destination of file

Overview of OneSwarm file sharing System - Anonymity

Protocol Design

OneSwarm protocol supports two tasks:

• Defining and maintaining the overlay topology

• Locating and transferring data objects

Protocol Design - Tasks

1) Defining and maintaining the overlay topology

• Bootstrapping the mesh network: Exchange of encryption keys• Social Network Import – Email, Social NW or LAN• Community Servers• Manually

• Name resolution: Distributed Hash Table is maintained by every user serves as the name resolution service. Contains encrypted IDs and their mapping for IP / Port

Protocol Design - Tasks2) Locating and transferring data objects

• Congestion-aware Search: Controlled flooding of search queries to locate data and construct forwarding paths without overwhelming the network or exposing endpoints.

• Swarming Data Transport: Data is split into blocks, with active downloaders redistributing completed blocks. Transfers use multiple paths and multiple sources, if available.

• Long Term History: Each client maintains transfer volumes for each peer, using these to prioritize service during periods of congestion.

So… How does OneSwarm Provide Privacy

Privacy Levels provided by OneSwarm

• Public Distribution – Same as BitTorrent*

• Without Attribution• Multi-hop (chain of friends) instead of direct P2P transfer• Changing source + destination IP addresses & Ports at

every hop

• With Permission – Peer identities and resource names are shared only through Public/Private key combinations

*All OneSwarm transfers are encrypted

Privacy Levels provided by OneSwarm

Security Analysis – Attacks & Defenses

• Timing Attack – Search queries and responses are forwarded after adding a random delay to inhibit calculation of RTT to infer proximity

• Correlation Attack – Peers have limited view of the overlay and cannot control path setup beyond directly connected neighbors. Attackers could use this to correlate performance with ongoing transfers

• Collusion Attack - Search queries and responses are forwarded probabilistically, making it very hard for directly connected colluding peers to infer source of data or monitor habits

Performance Evaluation

• File Size – 20 MB• 120 PlanetLab machines• To limit overhead, Tor was modified to create 10 new paths every 10 seconds instead of every 10 minutes

Contributions

• A new system that provides flexibility for the user to manage the level of privacy for file sharing

• Incorporation of social network for building p2p file sharing network

Weaknesses

• Evaluation of Protocol in “Privacy-Preserving” modes• No details are provided regarding the implementation /

functioning of community servers• Manual bootstrapping of mesh topology has not been

explained

Improvements

• Capability to import friends from other social networks

Questions